
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer
File: IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer (raw, json)
Hash identifier: pUf5SENn5Dy5xSJ7yEqrFjjvM/OROhFZfy1wmOA5xTs=
Subject key identifier: 20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019639EA14FB727FC0EDDFE1D511BBCDA34D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 15 Apr 2025 14:46:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 203483
IP: 5.145.180.0/22
IP: 89.38.60.0/22
IP: 89.42.144.0/22
IP: 185.11.92.0/22
IP: 185.132.76.0/22
IP: 185.153.204.0/22
IP: 185.181.96.0/22
IP: 185.207.92.0/22
IP: 185.215.48.0/22
IP: 2a0c:9680::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:ea:14:fb:72:7f:c0:ed:df:e1:d5:11:bb:cd:a3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 15 14:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20820f796481ac0e9637c962414597b1fe227c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0e:11:f9:a6:d2:50:c3:c0:99:00:3f:3e:dd:
23:5d:1a:90:04:9e:59:45:81:4c:23:a5:06:83:eb:
32:d7:6f:98:cf:cb:13:ea:32:75:3f:75:6e:76:af:
99:d7:5e:7d:8e:a9:a7:d4:da:90:72:4f:22:3b:65:
88:dd:ba:a2:7f:3c:4e:ef:af:c1:96:10:c5:74:fd:
68:e8:b1:0c:e3:69:49:74:7b:82:8f:3d:95:b1:c7:
bf:d2:87:9a:d1:5e:25:84:d2:a4:ca:14:1c:50:7f:
9d:f5:68:3e:b6:a4:c4:21:f2:de:58:c0:4c:73:77:
85:77:b9:95:d5:79:18:79:4d:fe:b3:ac:75:fa:02:
90:00:7a:bf:14:ff:13:a5:5a:a1:55:d5:f0:39:b7:
b2:ef:d9:08:55:e7:72:f5:cb:28:3a:dc:b7:97:6e:
17:92:50:8a:1d:9e:a4:89:fd:b3:8d:aa:dc:d3:32:
ad:4a:0e:8d:93:ea:08:7c:55:69:38:4f:75:5a:55:
c1:a1:23:49:98:78:dc:cd:10:c4:19:a3:00:e2:81:
07:62:17:4e:d3:60:6d:26:8e:9d:73:53:44:16:bc:
e7:6a:82:8a:d3:66:0d:92:44:9a:e2:b0:ec:0a:a8:
a8:85:9f:5e:5f:f6:69:af:49:9d:6c:18:80:1a:7e:
35:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.180.0/22
89.38.60.0/22
89.42.144.0/22
185.11.92.0/22
185.132.76.0/22
185.153.204.0/22
185.181.96.0/22
185.207.92.0/22
185.215.48.0/22
IPv6:
2a0c:9680::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203483
Signature Algorithm: sha256WithRSAEncryption
60:41:2f:62:e2:5a:4a:01:61:52:ce:ab:3c:a4:fb:7d:e0:23:
d0:4d:d0:69:11:64:32:73:22:69:62:5c:ec:ad:af:e2:1f:68:
0c:84:1d:8a:d3:55:47:4a:3f:3a:94:39:19:8d:ac:2d:5c:9a:
59:76:f2:ac:7d:a3:9c:cb:ba:e9:d5:e3:0e:28:2f:a0:4b:77:
91:2d:48:24:05:78:5e:12:28:4a:4a:3d:e3:07:b1:e4:da:b3:
9f:b4:d8:89:1f:b3:b2:c4:7e:cb:a8:ec:f4:17:6f:23:63:27:
17:a9:b7:68:5d:59:dd:de:5a:7b:7f:3d:38:73:13:03:61:ef:
ca:7d:9d:c9:30:82:67:1d:09:b1:92:ca:22:c7:b2:3e:87:65:
27:ed:22:5b:60:26:0a:15:69:17:dd:85:f4:07:a7:10:ee:22:
43:82:65:03:63:28:3e:f6:fe:61:54:f8:e6:e2:66:bf:cd:4c:
f0:ab:16:72:d5:23:c2:84:2e:2d:47:97:72:49:39:c2:f8:06:
6c:5a:32:de:32:d1:41:f8:fa:6f:50:6a:50:9c:1c:34:7a:86:
f6:a3:48:7f:83:05:47:ab:6d:7d:f9:cf:0c:a7:ce:73:41:5d:
6a:27:a5:91:6f:0f:a9:e3:9c:13:a1:10:eb:7e:cb:6a:bf:36:
5f:aa:3e:d9
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZY56hT7cn/A7d/h1RG7zaNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDE1MTQ0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDgyMGY3OTY0ODFhYzBlOTYzN2M5NjI0MTQ1OTdiMWZlMjI3YzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg4R+abSUMPAmQA/Pt0jXRqQBJ5Z
RYFMI6UGg+sy12+Yz8sT6jJ1P3Vudq+Z1159jqmn1NqQck8iO2WI3bqifzxO76/B
lhDFdP1o6LEM42lJdHuCjz2Vsce/0oea0V4lhNKkyhQcUH+d9Wg+tqTEIfLeWMBM
c3eFd7mV1XkYeU3+s6x1+gKQAHq/FP8TpVqhVdXwObey79kIVedy9csoOty3l24X
klCKHZ6kif2zjarc0zKtSg6Nk+oIfFVpOE91WlXBoSNJmHjczRDEGaMA4oEHYhdO
02BtJo6dc1NEFrznaoKK02YNkkSa4rDsCqiohZ9eX/Zpr0mdbBiAGn41WwIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFCCCD3lkgawOljfJYkFFl7H+InwkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VmL2I5OGI5
Zi1iNTgxLTRlM2UtYWU4YS05ODdkODY5NTY2ZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYvYjk4Yjlm
LWI1ODEtNGUzZS1hZThhLTk4N2Q4Njk1NjZmNi8xL0lJSVBlV1NCckE2V044bGlR
VVdYc2Y0aWZDUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQCBZG0AwQCWSY8AwQCWSqQAwQCuQtcAwQCuYRM
AwQCuZnMAwQCubVgAwQCuc9cAwQCudcwMA0EAgACMAcDBQAqDJaAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMa2zANBgkqhkiG9w0BAQsFAAOCAQEAYEEvYuJaSgFh
Us6rPKT7feAj0E3QaRFkMnMiaWJc7K2v4h9oDIQditNVR0o/OpQ5GY2sLVyaWXby
rH2jnMu66dXjDigvoEt3kS1IJAV4XhIoSko94wex5Nqzn7TYiR+zssR+y6js9Bdv
I2MnF6m3aF1Z3d5ae389OHMTA2Hvyn2dyTCCZx0JsZLKIseyPodlJ+0iW2AmChVp
F92F9AenEO4iQ4JlA2MoPvb+YVT45uJmv81M8KsWctUjwoQuLUeXckk5wvgGbFoy
3jLRQfj6b1BqUJwcNHqG9qNIf4MFR6ttffnPDKfOc0FdaielkW8PqeOcE6EQ637L
ar82X6o+2Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 22:58:48 2025 by rpki-client